1.8.7

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ruby-lang

CWE-189

nessus

NVD

Published: 2009-06-11

Updated: 2024-11-21

Summary

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type.

Vulnerable Configurations

Part	Description	Count
Application	Ruby-Lang Ruby Lang Ruby 1.8.7 Ruby Lang Ruby 1.8.6	2

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2009-325.NASL
description	Multiple vulnerabilities was discovered and corrected in ruby : ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate (CVE-2009-0642). The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type (CVE-2009-1904). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides a solution to these vulnerabilities.
last seen	2020-06-01
modified	2020-06-02
plugin id	43044
published	2009-12-08
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/43044
title	Mandriva Linux Security Advisory : ruby (MDVSA-2009:325)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2009:325. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(43044); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:32:52"); script_cve_id("CVE-2009-0642", "CVE-2009-1904"); script_bugtraq_id(35278); script_xref(name:"MDVSA", value:"2009:325"); script_name(english:"Mandriva Linux Security Advisory : ruby (MDVSA-2009:325)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities was discovered and corrected in ruby : ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate (CVE-2009-0642). The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type (CVE-2009-1904). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides a solution to these vulnerabilities." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189, 287); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ruby-tk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2008.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2008.0", reference:"ruby-1.8.6-5.4mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"ruby-devel-1.8.6-5.4mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"ruby-doc-1.8.6-5.4mdv2008.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2008.0", reference:"ruby-tk-1.8.6-5.4mdv2008.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2009-13066.NASL
description	Update to 1.8.6 p368 This package also fixes the build failure on arm -gnueabi systems (bug 506233), and DOS vulnerability issue on BigDecimal method (bug 504958, CVE-2009-1904) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	43122
published	2009-12-14
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/43122
title	Fedora 10 : ruby-1.8.6.368-2.fc10 (2009-13066)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2009-13066. # include("compat.inc"); if (description) { script_id(43122); script_version("1.11"); script_cvs_date("Date: 2019/08/02 13:32:29"); script_cve_id("CVE-2009-1904"); script_xref(name:"FEDORA", value:"2009-13066"); script_name(english:"Fedora 10 : ruby-1.8.6.368-2.fc10 (2009-13066)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Update to 1.8.6 p368 This package also fixes the build failure on arm -gnueabi systems (bug 506233), and DOS vulnerability issue on BigDecimal method (bug 504958, CVE-2009-1904) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=504958" ); # https://lists.fedoraproject.org/pipermail/package-announce/2009-December/032540.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?3b7e4413" ); script_set_attribute(attribute:"solution", value:"Update the affected ruby package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ruby"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:10"); script_set_attribute(attribute:"patch_publication_date", value:"2009/12/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^10([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 10.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC10", reference:"ruby-1.8.6.368-2.fc10")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ruby"); }

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2009-1140.NASL
description	From Red Hat Security Advisory 2009:1140 : Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module attempted to authenticate using APOP against a POP server, a remote attacker could, potentially, acquire certain portions of a user
last seen	2020-06-01
modified	2020-06-02
plugin id	67889
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67889
title	Oracle Linux 4 / 5 : ruby (ELSA-2009-1140)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2009:1140 and # Oracle Linux Security Advisory ELSA-2009-1140 respectively. # include("compat.inc"); if (description) { script_id(67889); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:08"); script_cve_id("CVE-2007-1558", "CVE-2009-0642", "CVE-2009-1904"); script_bugtraq_id(23257, 35278); script_xref(name:"RHSA", value:"2009:1140"); script_name(english:"Oracle Linux 4 / 5 : ruby (ELSA-2009-1140)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2009:1140 : Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module attempted to authenticate using APOP against a POP server, a remote attacker could, potentially, acquire certain portions of a user's authentication credentials. (CVE-2007-1558) It was discovered that Ruby did not properly check the return value when verifying X.509 certificates. This could, potentially, allow a remote attacker to present an invalid X.509 certificate, and have Ruby treat it as valid. (CVE-2009-0642) A flaw was found in the way Ruby converted BigDecimal objects to Float numbers. If an attacker were able to provide certain input for the BigDecimal object converter, they could crash an application using this class. (CVE-2009-1904) All Ruby users should upgrade to these updated packages, which contain backported patches to resolve these issues." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2009-July/001069.html" ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2009-July/001070.html" ); script_set_attribute(attribute:"solution", value:"Update the affected ruby packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189, 287); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:irb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-irb"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-mode"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-rdoc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-ri"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ruby-tcltk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/04/16"); script_set_attribute(attribute:"patch_publication_date", value:"2009/07/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| !pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server\|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^(4\|5)([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4 / 5", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL4", reference:"irb-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL4", reference:"ruby-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL4", reference:"ruby-devel-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL4", reference:"ruby-docs-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL4", reference:"ruby-libs-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL4", reference:"ruby-mode-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL4", reference:"ruby-tcltk-1.8.1-7.0.1.el4_8.3")) flag++; if (rpm_check(release:"EL5", reference:"ruby-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-devel-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-docs-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-irb-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-libs-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-mode-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-rdoc-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-ri-1.8.5-5.el5_3.7")) flag++; if (rpm_check(release:"EL5", reference:"ruby-tcltk-1.8.5-5.el5_3.7")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "irb / ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / etc"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-900-1.NASL
description	Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. (CVE-2009-4124) Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not properly sanitize data written to log files. An attacker could insert specially crafted data into log files which could affect certain terminal emulators and cause arbitrary files to be overwritten, or even possibly execute arbitrary commands. (CVE-2009-4492) It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial of service. This issue only affected Ubuntu 9.10. (CVE-2009-1904). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	44640
published	2010-02-17
reporter	Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/44640
title	Ubuntu 8.10 / 9.04 / 9.10 : ruby1.9 vulnerabilities (USN-900-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-900-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(44640); script_version("1.16"); script_cvs_date("Date: 2019/09/19 12:54:26"); script_cve_id("CVE-2009-1904", "CVE-2009-4124", "CVE-2009-4492"); script_bugtraq_id(35278, 37710); script_xref(name:"USN", value:"900-1"); script_name(english:"Ubuntu 8.10 / 9.04 / 9.10 : ruby1.9 vulnerabilities (USN-900-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Emmanouel Kellinis discovered that Ruby did not properly handle certain string operations. An attacker could exploit this issue and possibly execute arbitrary code with application privileges. (CVE-2009-4124) Giovanni Pellerano, Alessandro Tanasi, and Francesco Ongaro discovered that Ruby did not properly sanitize data written to log files. An attacker could insert specially crafted data into log files which could affect certain terminal emulators and cause arbitrary files to be overwritten, or even possibly execute arbitrary commands. (CVE-2009-4492) It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial of service. This issue only affected Ubuntu 9.10. (CVE-2009-1904). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/900-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_cwe_id(20, 119, 189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:irb1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libdbm-ruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libgdbm-ruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libopenssl-ruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libreadline-ruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libruby1.9-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libtcltk-ruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:rdoc1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ri1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.9"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.9-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.9-elisp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ruby1.9-examples"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/06/11"); script_set_attribute(attribute:"patch_publication_date", value:"2010/02/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(8\.10\|9\.04\|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.10 / 9.04 / 9.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"8.10", pkgname:"irb1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libdbm-ruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libgdbm-ruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libopenssl-ruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libreadline-ruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libruby1.9-dbg", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"libtcltk-ruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"rdoc1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"ri1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"ruby1.9", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"ruby1.9-dev", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"ruby1.9-elisp", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"8.10", pkgname:"ruby1.9-examples", pkgver:"1.9.0.2-7ubuntu1.3")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"irb1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libdbm-ruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libgdbm-ruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libopenssl-ruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libreadline-ruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libruby1.9-dbg", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"libtcltk-ruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"rdoc1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"ri1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"ruby1.9", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"ruby1.9-dev", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"ruby1.9-elisp", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.04", pkgname:"ruby1.9-examples", pkgver:"1.9.0.2-9ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"irb1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libdbm-ruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libgdbm-ruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libopenssl-ruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libreadline-ruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libruby1.9-dbg", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"libtcltk-ruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"rdoc1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"ri1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"ruby1.9", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"ruby1.9-dev", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"ruby1.9-elisp", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"9.10", pkgname:"ruby1.9-examples", pkgver:"1.9.0.5-1ubuntu1.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "irb1.9 / libdbm-ruby1.9 / libgdbm-ruby1.9 / libopenssl-ruby1.9 / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_RUBY-6338.NASL
description	This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
last seen	2020-06-01
modified	2020-06-02
plugin id	51760
published	2011-01-27
reporter	This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/51760
title	SuSE 10 Security Update : ruby (ZYPP Patch Number 6338)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(51760); script_version ("1.8"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2008-3443", "CVE-2008-3655", "CVE-2008-3656", "CVE-2008-3657", "CVE-2008-3790", "CVE-2008-3905", "CVE-2009-0642", "CVE-2009-1904"); script_name(english:"SuSE 10 Security Update : ruby (ZYPP Patch Number 6338)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby's access restriction code (CVE-2008-3655) as well as safe-level handling using function DL.dlopen() (CVE-2008-3657) and big decimal handling (CVE-2009-1904) was improved. Bypassing HTTP basic authentication (authenticate_with_http_digest) is not possible anymore." ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3443.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3655.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3656.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3657.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3790.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3905.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-0642.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2009-1904.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6338."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_cwe_id(20, 189, 264, 287, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2009/07/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"ruby-1.8.6.p369-0.4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2009-1140.NASL
description	Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module attempted to authenticate using APOP against a POP server, a remote attacker could, potentially, acquire certain portions of a user
last seen	2020-06-01
modified	2020-06-02
plugin id	39599
published	2009-07-03
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/39599
title	RHEL 4 / 5 : ruby (RHSA-2009:1140)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_1_RUBY-090703.NASL
description	This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
last seen	2020-06-01
modified	2020-06-02
plugin id	40306
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/40306
title	openSUSE Security Update : ruby (ruby-1070)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_0_RUBY-090703.NASL
description	This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
last seen	2020-06-01
modified	2020-06-02
plugin id	40122
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/40122
title	openSUSE Security Update : ruby (ruby-1070)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_62E0FBE5579811DEBB78001CC0377035.NASL
description	The official ruby site reports : A denial of service (DoS) vulnerability was found on the BigDecimal standard library of Ruby. Conversion from BigDecimal objects into Float numbers had a problem which enables attackers to effectively cause segmentation faults. An attacker can cause a denial of service by causing BigDecimal to parse an insanely large number, such as : BigDecimal(
last seen	2020-06-01
modified	2020-06-02
plugin id	39375
published	2009-06-15
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/39375
title	FreeBSD : ruby -- BigDecimal denial of service vulnerability (62e0fbe5-5798-11de-bb78-001cc0377035)

NASL family	Slackware Local Security Checks
NASL id	SLACKWARE_SSA_2009-170-02.NASL
description	New ruby packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	39473
published	2009-06-21
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/39473
title	Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : ruby (SSA:2009-170-02)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20090702_RUBY_ON_SL4_X.NASL
description	A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module attempted to authenticate using APOP against a POP server, a remote attacker could, potentially, acquire certain portions of a user
last seen	2020-06-01
modified	2020-06-02
plugin id	60613
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60613
title	Scientific Linux Security Update : ruby on SL4.x, SL5.x i386/x86_64

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-805-1.NASL
description	It was discovered that Ruby did not properly validate certificates. An attacker could exploit this and present invalid or revoked X.509 certificates. (CVE-2009-0642) It was discovered that Ruby did not properly handle string arguments that represent large numbers. An attacker could exploit this and cause a denial of service. (CVE-2009-1904). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	40329
published	2009-07-21
reporter	Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/40329
title	Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : ruby1.8, ruby1.9 vulnerabilities (USN-805-1)

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_10_6_3.NASL
description	The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.3. Mac OS X 10.6.3 contains security fixes for the following products : - AFP Server - Apache - CoreAudio - CoreMedia - CoreTypes - CUPS - DesktopServices - Disk Images - Directory Services - Dovecot - Event Monitor - FreeRADIUS - FTP Server - iChat Server - ImageIO - Image RAW - Libsystem - Mail - MySQL - OS Services - Password Server - PHP - Podcast Producer - Preferences - PS Normalizer - QuickTime - Ruby - Server Admin - SMB - Tomcat - Wiki Server - X11
last seen	2020-06-01
modified	2020-06-02
plugin id	45372
published	2010-03-29
reporter	This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/45372
title	Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_RUBY-6339.NASL
description	This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug (CVE-2008-3790). An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
last seen	2020-06-01
modified	2020-06-02
plugin id	42032
published	2009-10-06
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/42032
title	openSUSE 10 Security Update : ruby (ruby-6339)

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_SECUPD2010-002.NASL
description	The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-002 applied. This security update contains fixes for the following products : - AppKit - Application Firewall - AFP Server - Apache - ClamAV - CoreTypes - CUPS - curl - Cyrus IMAP - Cyrus SASL - Disk Images - Directory Services - Event Monitor - FreeRADIUS - FTP Server - iChat Server - Image RAW - Libsystem - Mail - Mailman - OS Services - Password Server - perl - PHP - PS Normalizer - Ruby - Server Admin - SMB - Tomcat - unzip - vim - Wiki Server - X11 - xar
last seen	2020-06-01
modified	2020-06-02
plugin id	45373
published	2010-03-29
reporter	This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/45373
title	Mac OS X Multiple Vulnerabilities (Security Update 2010-002)

NASL family	SuSE Local Security Checks
NASL id	SUSE9_12452.NASL
description	This update for ruby fixes the following security issues : - Improve return value checks for OpenSSL function OCSP_basic_verify() to refuse usage of revoked certificates. (CVE-2009-0642) - Increase entropy of DNS identifiers to avoid spoofing attacks. (CVE-2008-3905) - Fix denial of service (DoS) vulnerability while parsing XML data. (CVE-2008-3790) - Fix possible attack on algorithm complexity in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests or by using the regex engine to cause high CPU load. (CVE-2008-3656, CVE-2008-3443) - Improve ruby
last seen	2020-06-01
modified	2020-06-02
plugin id	41312
published	2009-09-24
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/41312
title	SuSE9 Security Update : ruby (YOU Patch Number 12452)

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2009-160.NASL
description	The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem.
last seen	2020-06-01
modified	2020-06-02
plugin id	40398
published	2009-07-28
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/40398
title	Mandriva Linux Security Advisory : ruby (MDVSA-2009:160)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2009-1140.NASL
description	Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way the Ruby POP module processed certain APOP authentication requests. By sending certain responses when the Ruby APOP module attempted to authenticate using APOP against a POP server, a remote attacker could, potentially, acquire certain portions of a user
last seen	2020-06-01
modified	2020-06-02
plugin id	43767
published	2010-01-06
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/43767
title	CentOS 5 : ruby (CESA-2009:1140)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1860.NASL
description	Several vulnerabilities have been discovered in Ruby. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0642 The return value from the OCSP_basic_verify function was not checked properly, allowing continued use of a revoked certificate. - CVE-2009-1904 An issue in parsing BigDecimal numbers can result in a denial-of-service condition (crash). The following matrix identifies fixed versions : ruby1.8 ruby1.9 oldstable (etch) 1.8.5-4etch5 1.9.0+20060609-1etch5 stable (lenny) 1.8.7.72-3lenny1 1.9.0.2-9lenny1 unstable (sid) 1.8.7.173-1 (soon)
last seen	2020-06-01
modified	2020-06-02
plugin id	44725
published	2010-02-24
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/44725
title	Debian DSA-1860-1 : ruby1.8, ruby1.9 - several vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_RUBY-090703.NASL
description	This ruby update improves return value checks for openssl function OCSP_basic_verify() (CVE-2009-0642) which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased (CVE-2008-3905) to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of service bug. (CVE-2008-3790) An attack on algorithm complexity was possible in function WEBrick::HTTP::DefaultFileHandler() while parsing HTTP requests (CVE-2008-3656) as well as by using the regex engine (CVE-2008-3443) causing high CPU load. Ruby
last seen	2020-06-01
modified	2020-06-02
plugin id	41452
published	2009-09-24
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/41452
title	SuSE 11 Security Update : ruby (SAT Patch Number 1073)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-200906-02.NASL
description	The remote host is affected by the vulnerability described in GLSA-200906-02 (Ruby: Denial of Service) Tadayoshi Funaba reported that BigDecimal in ext/bigdecimal/bigdecimal.c does not properly handle string arguments containing overly long numbers. Impact : A remote attacker could exploit this issue to remotely cause a Denial of Service attack. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	39565
published	2009-06-29
reporter	This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/39565
title	GLSA-200906-02 : Ruby: Denial of Service

Oval

accepted

2013-04-29T04:22:07.774-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:9780

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

Redhat

advisories

bugzilla

id	504958
title	CVE-2009-1904 ruby: DoS vulnerability in BigDecimal

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 4 is installed
oval oval:com.redhat.rhba:tst:20070304025

AND
comment ruby-docs is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140001
comment ruby-docs is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427012
AND
comment irb is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140003
comment irb is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427004
AND
comment ruby-libs is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140005
comment ruby-libs is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427006
AND
comment ruby-mode is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140007
comment ruby-mode is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427002
AND
comment ruby-devel is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140009
comment ruby-devel is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427014
AND
comment ruby-tcltk is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140011
comment ruby-tcltk is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427008
AND
comment ruby is earlier than 0:1.8.1-7.el4_8.3
oval oval:com.redhat.rhsa:tst:20091140013
comment ruby is signed with Red Hat master key
oval oval:com.redhat.rhsa:tst:20060427010

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment ruby-mode is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140016
comment ruby-mode is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965016
AND
comment ruby-libs is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140018
comment ruby-libs is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965014
AND
comment ruby-rdoc is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140020
comment ruby-rdoc is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965018
AND
comment ruby-ri is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140022
comment ruby-ri is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965002
AND
comment ruby-devel is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140024
comment ruby-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965004
AND
comment ruby-tcltk is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140026
comment ruby-tcltk is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965006
AND
comment ruby-irb is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140028
comment ruby-irb is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965008
AND
comment ruby is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140030
comment ruby is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965010
AND
comment ruby-docs is earlier than 0:1.8.5-5.el5_3.7
oval oval:com.redhat.rhsa:tst:20091140032
comment ruby-docs is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070965012

rhsa

id	RHSA-2009:1140
released	2009-07-02
severity	Moderate
title	RHSA-2009:1140: ruby security update (Moderate)

rpms

irb-0:1.8.1-7.el4_8.3
ruby-0:1.8.1-7.el4_8.3
ruby-0:1.8.5-5.el5_3.7
ruby-debuginfo-0:1.8.1-7.el4_8.3
ruby-debuginfo-0:1.8.5-5.el5_3.7
ruby-devel-0:1.8.1-7.el4_8.3
ruby-devel-0:1.8.5-5.el5_3.7
ruby-docs-0:1.8.1-7.el4_8.3
ruby-docs-0:1.8.5-5.el5_3.7
ruby-irb-0:1.8.5-5.el5_3.7
ruby-libs-0:1.8.1-7.el4_8.3
ruby-libs-0:1.8.5-5.el5_3.7
ruby-mode-0:1.8.1-7.el4_8.3
ruby-mode-0:1.8.5-5.el5_3.7
ruby-rdoc-0:1.8.5-5.el5_3.7
ruby-ri-0:1.8.5-5.el5_3.7
ruby-tcltk-0:1.8.1-7.el4_8.3
ruby-tcltk-0:1.8.5-5.el5_3.7

Seebug

bulletinFamily	exploit
description	BUGTRAQ ID: 35278 CVE(CAN) ID: CVE-2009-1904 Ruby是一种功能强大的面向对象的脚本语言。 Ruby所使用的BigDecimal标准函数库中存在拒绝服务漏洞，在将BigDecimal对象转换为浮点数时可能会触发分段错误，导致链接到该库的应用崩溃。 Yukihiro Matsumoto Ruby 1.8.x 厂商补丁： Yukihiro%20Matsumoto ------------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： <a href="ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p369.tar.gz" target="_blank" rel=external nofollow>ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.6-p369.tar.gz</a> <a href="ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p174.tar.gz" target="_blank" rel=external nofollow>ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p174.tar.gz</a>
id	SSV:11656
last seen	2017-11-19
modified	2009-06-18
published	2009-06-18
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-11656
title	Ruby BigDecimal库拒绝服务漏洞

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Oval

Redhat

Seebug

References